###
## skeLDAP
## 
## rev 20111004-002 @c3w @bestfriendchris
## fixed special-character exceptions with sed and slappasswd.
## set server `hostname` as default nfs server for auto.home.  override in skel/user.ldif.skel if needed
##
## rev 20111004-001 @c3w
## added modify, delete, search
##
## rev 20100807-001 @c3w
## license: open source!


### USAGE

## create user
skelprov [username] [email address] [firstname] [lastname]

## delete user
skeldel [ldif file]

## search ldap
skelsearch

## change user password (randomly) and email instructions
skelpasswd [username] [email address]

---------

### What is skeLDAP
skeleton configs and provisioning scripts for openLDAP
including system configs for server and client,
plus automount ability to allow ssh keys and /home mounts across your network

### Why did I write this?
There seem to be many ways to implement LDAP across your network; however,
most google search results for LDAP seem to render 'HELP!' threads without an all-in-one solution.
Problems such as 'whitespace' in the configs, archaic command-line parameters, and really just
tons of places to make easy mistakes.

What's also missing are the proper system config files to change - things like nsswitch.conf,
auto.master, hosts.allow, and required services such as nfs, autofs, rpcbind, and nfslock.

### What the upshot of all this?
You'll be able to deploy and manage LDAP+automount across your network, over a cup of coffee,
without mediculusly crafting google searches to find that [SOLVED] answer to the tens of things
that can go wrong - and by wrong, I mean: e.g. putting ldap before files in nsswitch.conf and
completely crashing your server until you can boot off a recovery CD - yeah that happened to me;)

### So this project is new - what's in the box, and what's missing
So first, I'd love to get some collaborators, so read on to the 'caveats'

You get a skeleton .ldif that creates a user and an automount LDAP entry

Then you get scripts to generate that user, create their dir, generate a random password, and email
the end-user. The script auto-increments the UID so you don't step on any toes.  You also can choose
the GID for things like development, or vpn-only access - be creative.

There is a delete script that, given a stub .ldif file will remove that user from LDAP.

There is a simple search script so you can check what's in the database.

######
The glue of this whole project is the system-level configs you need to get LDAP user auth and
automount.

This includes pam.d/sshd, pam.d/passwd, /etc/nsswitch.conf, /exports, /etc/ldap.conf, and some
'server init' and 'client init' scripts that backup existing files and deploys the skeLDAP versions!
######

### So now what's missing
This project is very basic - everything is bash/sed and its still really meant for sysadmins who
know their way around.

### CONTACT?
You most likely got this from my github project http://github.com/c3w/skeLDAP .. its an open project,
so join in!

\/peace
Chas. <c3w@juicypop.net>